Static Evidences for Attack Reconstruction

  • Chiara Bodei
  • Linda Brodo
  • Riccardo Focardi
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9465)


Control Flow Analysis (CFA) has been proven successful for the analysis of cryptographic protocols. Due to its over-approximative nature, the absence of detected flaws implies their absence also at run time, while their presence only says that there is the possibility for flaws to occur. Nevertheless, the static detection of a flaw can be considered as a warning bell that alerts against a possible attack, of which the flaw is the result. Reconstructing the possible attack leading to the detected flaw is not trivial, though. We propose a CFA enriched with causal information that accounts for attacker activity. In case a flaw is predicted, the causal information provides a sort of climbing holds that can be escalated to reconstruct the attack sequence leading to the flaw.


Pattern Match Cryptographic Protocol Static Violation Causal Information Encrypt Message 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



We would like to thank Mikael Bucholtz, Hanne Riis Nielson, Flemming Nielson and, in particular, Pierpaolo Degano for the many valuable discussions on CFA, on LySa, and on other issues. Some of the ideas developed here have their roots in those discussions. Furthermore, we thank our anonymous referees for their useful comments.


  1. 1.
    Abadi, M., Gordon, A.D.: A calculus for cryptographic protocols - the Spi Calculus. Inf. Comput. 148(1), 1–70 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Allamigeon, X., Blanchet, B.: Reconstruction of attacks against cryptographic protocols. In: 18th IEEE Computer Security Foundations Workshop, (CSFW-18 2005), pp. 140–154 (2005)Google Scholar
  3. 3.
    Backes, M., Cortesi, A., Maffei, M.: Causality-based abstraction of multiplicity in security protocols. In: IEEE Computer Security Foundations Symposium (CSF’07), pp. 355–369 (2007)Google Scholar
  4. 4.
    Bodei, C., Brodo, L., Degano, P., Gao, H.: Detecting and preventing type flaws at static time. J. Comput. Secur. 18(2), 229–264 (2010)CrossRefGoogle Scholar
  5. 5.
    Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Nielson, H.R.: Static validation of security protocols. Inf. Comput. 13(3), 347–390 (2005)zbMATHGoogle Scholar
  6. 6.
    Buchholtz, M., Maidl, M., Bodei, C., Degano, P., Priami, C.: Deliverable D14, Final Report on Static Techniques. Technical report, Project DEGAS IST-2001-32072 (2004)Google Scholar
  7. 7.
    Buchholtz, M., Nielson, F., Nielson, H.R.: A calculus for control flow analysis of security protocols. Int. J. Inf. Secur. 2(3–4), 157–167 (2004)zbMATHGoogle Scholar
  8. 8.
    Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8, 18–36 (1990)CrossRefzbMATHGoogle Scholar
  9. 9.
    Crazzolara, F., Winskel, G.: Events in security protocols. In: Proceedings of the 8th ACM Conference on Computer and Communications Security (CCS 2001), pp. 96–105 (2001)Google Scholar
  10. 10.
    Degano, P., Priami, C.: Non-interleaving semantics for mobile processes. Theor. Comput. Sci. 216(1–2), 237–270 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. Inf. Theor. IT–29(12), 198–208 (1983)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Gao, H., Bodei, C., Degano, P.: A formal analysis of complex type flaw attacks on security protocols. In: Meseguer, J., Roşu, G. (eds.) AMAST 2008. LNCS, vol. 5140, pp. 167–183. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  13. 13.
    Gao, H., Bodei, C., Degano, P., Nielson, H.R.: A formal analysis for capturing replay attacks in cryptographic protocols. In: Cervesato, I. (ed.) ASIAN 2007. LNCS, vol. 4846, pp. 150–165. Springer, Heidelberg (2007) Google Scholar
  14. 14.
    Milner, R., Parrow, J., Walker, D.: A calculus of mobile processes (I and II). Inf. Comput. 100(1), 1–77 (1992)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Nielsen, C.R., Nielson, F., Nielson, H.R.: Cryptographic pattern matching. Electr. Notes Theor. Comput. Sci. 168, 91–107 (2007)CrossRefGoogle Scholar
  16. 16.
    Nielson, F., Nielson, H.R., Hankin, C.: Principles of Program Analysis. Springer, Heidelberg (1999)CrossRefzbMATHGoogle Scholar
  17. 17.
    Sewell, P., Vitek, J.: Secure composition of untrusted code: box pi, wrappers, and causality. J. Comput. Secur. 11(2), 135–188 (2003)CrossRefGoogle Scholar
  18. 18.
    Thayer, F.J., Herzog, J.C., Guttman, J.D.: Strand spaces: proving security protocols correct. J. Comput. Secur. 7(1), 191–230 (1999)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Dip. di InformaticaUniversità di PisaPisaItaly
  2. 2.Dip. di Sci. Pol., Sci. della Com. e Ing. dell’Inform.Università di SassariSassariItaly
  3. 3.Dip. di Scienze Ambientali, Informatica e StatisticaUniversità di VeneziaVeneziaItaly

Personalised recommendations